KR102313859B1 - 권한 위양 시스템, 그 제어 방법 및 클라이언트 - Google Patents

권한 위양 시스템, 그 제어 방법 및 클라이언트 Download PDF

Info

Publication number
KR102313859B1
KR102313859B1 KR1020180102419A KR20180102419A KR102313859B1 KR 102313859 B1 KR102313859 B1 KR 102313859B1 KR 1020180102419 A KR1020180102419 A KR 1020180102419A KR 20180102419 A KR20180102419 A KR 20180102419A KR 102313859 B1 KR102313859 B1 KR 102313859B1
Authority
KR
South Korea
Prior art keywords
client
authorization
authorization code
user
server
Prior art date
Application number
KR1020180102419A
Other languages
English (en)
Korean (ko)
Other versions
KR20190024817A (ko
Inventor
가즈나리 야마나카지마
하야토 마츠가시타
Original Assignee
캐논 가부시끼가이샤
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 캐논 가부시끼가이샤 filed Critical 캐논 가부시끼가이샤
Publication of KR20190024817A publication Critical patent/KR20190024817A/ko
Application granted granted Critical
Publication of KR102313859B1 publication Critical patent/KR102313859B1/ko

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • G06F21/608Secure printing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
KR1020180102419A 2017-08-31 2018-08-30 권한 위양 시스템, 그 제어 방법 및 클라이언트 KR102313859B1 (ko)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2017167284A JP2019046059A (ja) 2017-08-31 2017-08-31 権限委譲システム、制御方法、およびプログラム
JPJP-P-2017-167284 2017-08-31

Publications (2)

Publication Number Publication Date
KR20190024817A KR20190024817A (ko) 2019-03-08
KR102313859B1 true KR102313859B1 (ko) 2021-10-18

Family

ID=65514830

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020180102419A KR102313859B1 (ko) 2017-08-31 2018-08-30 권한 위양 시스템, 그 제어 방법 및 클라이언트

Country Status (4)

Country Link
US (1) US10785204B2 (zh)
JP (1) JP2019046059A (zh)
KR (1) KR102313859B1 (zh)
CN (1) CN109428891B (zh)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11108762B2 (en) * 2018-06-05 2021-08-31 The Toronto-Dominion Bank Methods and systems for controlling access to a protected resource
JP7170550B2 (ja) * 2019-01-28 2022-11-14 キヤノン株式会社 管理装置およびその制御方法
CN110225045A (zh) * 2019-06-18 2019-09-10 平安科技(深圳)有限公司 全链路数据鉴权方法、装置、设备及存储介质
JP7218679B2 (ja) * 2019-06-21 2023-02-07 富士通株式会社 情報処理装置、情報処理方法、および情報処理プログラム
EP3994593B1 (en) * 2019-07-05 2023-08-30 Visa International Service Association System, method, and computer program product for third-party authorization
CN110798447B (zh) * 2019-09-18 2021-10-08 广州朗国电子科技有限公司 一种基于网络通信的智能终端本地授权方法、装置及系统
EP3861676A1 (en) * 2019-10-21 2021-08-11 Google LLC Verifiable consent for privacy protection
CN110852724B (zh) * 2019-11-19 2023-03-14 深圳前海环融联易信息科技服务有限公司 一种流程转授权的方法、装置、计算机设备及存储介质
US11463258B2 (en) 2020-03-13 2022-10-04 Ebay Inc. Secure token refresh
CN111949958B (zh) * 2020-08-14 2023-08-18 中国工商银行股份有限公司 Oauth协议中的授权认证方法及装置
CN112564916A (zh) * 2020-12-01 2021-03-26 上海艾融软件股份有限公司 应用于微服务架构的访问客户端认证系统
CN113612744B (zh) * 2021-07-23 2023-09-22 天津中新智冠信息技术有限公司 远程授权系统和方法
CN113569204B (zh) * 2021-09-27 2022-06-10 北京华安天成智能技术有限公司 远程生产授权管理系统及方法
CN117331964B (zh) * 2023-12-01 2024-02-27 成都明途科技有限公司 数据查询方法、装置、设备及存储介质

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170142108A1 (en) * 2015-11-16 2017-05-18 Mastercard International Incorporated Systems and Methods for Authenticating an Online User Using a Secure Authorization Server

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6066647B2 (ja) * 2012-09-27 2017-01-25 キヤノン株式会社 デバイス装置、その制御方法、およびそのプログラム
US8615794B1 (en) * 2013-01-09 2013-12-24 Ping Identity Corporation Methods and apparatus for increased security in issuing tokens
JP6439370B2 (ja) 2014-05-28 2018-12-19 株式会社リコー 情報処理システム、情報処理方法、情報処理装置及びプログラム
US9912648B2 (en) * 2014-07-15 2018-03-06 Square, Inc. Two-factor authentication with push notification for a security code
JP2017004301A (ja) * 2015-06-11 2017-01-05 キヤノン株式会社 認証サーバーシステム、方法、プログラムおよび記憶媒体
CN106714075B (zh) * 2015-08-10 2020-06-26 华为技术有限公司 一种处理授权的方法和设备
CN105978947A (zh) * 2016-04-27 2016-09-28 努比亚技术有限公司 对同一账号登录设备数量控制的方法及移动终端
CN105897757B (zh) * 2016-06-12 2019-01-04 上海携程商务有限公司 授权认证系统及授权认证方法
CN106534143A (zh) * 2016-11-28 2017-03-22 上海斐讯数据通信技术有限公司 一种跨应用认证授权的方法和系统

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170142108A1 (en) * 2015-11-16 2017-05-18 Mastercard International Incorporated Systems and Methods for Authenticating an Online User Using a Secure Authorization Server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
D. Hardt, "The OAuth 2.0 Authorization Framework", IETF RFC 6749(2012.10.)*

Also Published As

Publication number Publication date
KR20190024817A (ko) 2019-03-08
CN109428891A (zh) 2019-03-05
US20190081943A1 (en) 2019-03-14
CN109428891B (zh) 2022-05-10
JP2019046059A (ja) 2019-03-22
US10785204B2 (en) 2020-09-22

Similar Documents

Publication Publication Date Title
KR102313859B1 (ko) 권한 위양 시스템, 그 제어 방법 및 클라이언트
KR102362456B1 (ko) 권한 위양 시스템, 그 제어 방법 및 저장 매체
KR102390108B1 (ko) 정보 처리 시스템 및 제어 방법
US8997196B2 (en) Flexible end-point compliance and strong authentication for distributed hybrid enterprises
US10003587B2 (en) Authority transfer system, method, and authentication server system by determining whether endpoints are in same or in different web domain
EP3462701B1 (en) Device, control method of the same, and program
US8468359B2 (en) Credentials for blinded intended audiences
CN111316267A (zh) 使用委托身份的认证
KR20210116407A (ko) 온라인 서비스 서버와 클라이언트 간의 상호 인증 방법 및 시스템
EP3759629B1 (en) Method, entity and system for managing access to data through a late dynamic binding of its associated metadata
US10785213B2 (en) Continuous authentication
JP7043480B2 (ja) 情報処理システムと、その制御方法とプログラム
KR101545897B1 (ko) 주기적인 스마트카드 인증을 통한 서버 접근 통제 시스템
US20220116217A1 (en) Secure linking of device to cloud storage
KR102199747B1 (ko) Otp 기반의 가상키보드를 이용한 보안 방법 및 시스템

Legal Events

Date Code Title Description
A201 Request for examination
E701 Decision to grant or registration of patent right
GRNT Written decision to grant